package org.wang.gift.config;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.wang.gift.constants.GiftAuthConstants;


public abstract class BaseResourceServerConfig implements ResourceServerConfigurer {
    @Value("${oauth2.resourceId}")
    private String resourceId;
    //本类中不需要但是子类必须实现
    @Override
    public abstract   void configure(HttpSecurity httpSecurity) throws Exception;

    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter(){
        System.out.println(GiftAuthConstants.SIGN_KEY);
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey(GiftAuthConstants.SIGN_KEY);
        return converter;
    }
    @Bean
    public TokenStore tokenStore(){
        return new JwtTokenStore(jwtAccessTokenConverter());
    }

    @Override
    public void configure(ResourceServerSecurityConfigurer configurer) throws Exception {
        //核心在配置校验地址
        configurer.resourceId(resourceId)
                .tokenStore(tokenStore())
                //.tokenServices(resourceServerTokenServices())//非jwttoken方式,校验token
                .stateless(true);
    }
}